Created
April 5, 2019 17:22
Test ESXI
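# ESXi scripted-install (kickstart) file for a Packet-hosted machine.
# Top-level directives drive the installer; %firstboot configures the host from
# the provider metadata service; %post and %pre set serial/boot details and
# report progress to the provisioning endpoint.

# Accept the VMware End User License Agreement
vmaccepteula

# Set the root password for the DCUI and Tech Support Mode
# NOTE(review): this SHA-512 crypt hash is published together with the file, so
# it can be attacked offline. Treat the password behind it as exposed and
# supply a per-deployment hash at provisioning time.
rootpw --iscrypted $6$xSOpfz11kKe.namH$RbbGJOczPR/k17lPmotNf0cFrmYD7ooWcCuA7/f4xp4Y80g1NvpWJ.UvTvkagmjYmha3xJdEtIxTMWCTaNMf21

# The install media is in the CD-ROM drive
install --firstdisk=lsi_mr3,lsi_msgpt3,vmw_ahci --overwritevmfs

# Set the network to DHCP on the proper network adapter based on its type
network --bootproto=dhcp --device=ec:0d:9a:ca:69:e4

reboot

%firstboot --interpreter=busybox

# Fetch packet MD
# NOTE(review): the metadata is fetched over plain HTTP and everything derived
# from it below (hostname, IQN, addresses, root SSH keys) is trusted without an
# integrity check. This assumes the metadata network is isolated -- confirm.
wget http://metadata.packet.net/metadata -O /tmp/metadata

# Print one top-level field of the saved metadata document.
# The key is passed as an argument, not spliced into the Python source.
md_field() {
    python -c "import sys, json; print(json.load(sys.stdin)[sys.argv[1]])" "$1" < /tmp/metadata
}

uuid=$(md_field id)
hostname=$(md_field hostname)

# Set hostname (quoted so a metadata value cannot split into extra arguments)
esxcli system hostname set --fqdn="$hostname"

# Enable shell
# NOTE(review): the ESXi Shell stays enabled after provisioning; turn it off
# again once it is no longer needed.
vim-cmd hostsvc/enable_esx_shell
vim-cmd hostsvc/start_esx_shell

# Add private network interface
esxcli network vswitch standard portgroup add --portgroup-name='Private Network' --vswitch-name=vSwitch0
esxcli network ip interface add --interface-name=vmk1 --portgroup-name='Private Network'

# Set the iSCSI IQN
iqn=$(md_field iqn)
esxcli iscsi software set --enabled=true
esxcli iscsi adapter set -A vmhba64 -n "$iqn"
esxcli iscsi networkportal add -n vmk1 -A vmhba64

# Configure IP addresses statically from metadata using python
# '>' (not '>>') so a re-run cannot append a second copy of the script, and a
# quoted delimiter so the shell never expands anything inside the Python text.
cat > /tmp/netcfg.py <<'EOF'
import json
import subprocess


def run(argv):
    """Print and run one esxcli command given as an argument list.

    No shell is involved, so a metadata value cannot add commands or
    arguments of its own through shell metacharacters.
    """
    print(" ".join(argv) + "\n")
    subprocess.call(argv)


with open('/tmp/metadata', 'r') as json_file:
    packet_metadata = json.load(json_file)

for addr in packet_metadata['network']['addresses']:
    # Public addresses go on the management vmkernel port, private ones on vmk1.
    interface = "vmk0" if addr['public'] else "vmk1"
    family = addr['address_family']

    if family == 4:
        if interface == "vmk1":
            run(["esxcli", "network", "ip", "interface", "ipv4", "set",
                 "-i", interface, "-t", "static",
                 "-I", addr['address'], "-N", addr['netmask']])
            # Private traffic is routed through the private gateway only.
            run(["esxcli", "network", "ip", "route", "ipv4", "add",
                 "--gateway", addr['gateway'], "--network", "10.0.0.0/8"])
        else:
            run(["esxcli", "network", "ip", "interface", "ipv4", "set",
                 "-i", interface, "-t", "static",
                 "-I", addr['address'], "-N", addr['netmask'],
                 "-g", addr['gateway']])
    elif family == 6:
        run(["esxcli", "network", "ip", "interface", "ipv6", "set",
             "-i", interface, "-e", "true"])
        run(["esxcli", "network", "ip", "interface", "ipv6", "address", "add",
             "-i", interface, "-I", addr['address'] + "/" + str(addr['cidr'])])
        run(["esxcli", "network", "ip", "interface", "ipv6", "set",
             "-i", interface, "-g", addr['gateway']])
    else:
        # address_family is numeric in the branches above; str() keeps this
        # message from raising TypeError on an unexpected value.
        print("Skipping unknown address_family [" + str(family) + "]\n")
EOF
python /tmp/netcfg.py

# Setup public SSH key auth for root
# Download to a scratch file first: 'wget -O' truncates its target even when
# the request fails, which would leave root with an empty authorized_keys.
# The result is written in place so the existing file keeps its mode.
if wget http://metadata.packet.net/2009-04-04/meta-data/public-keys -O /tmp/authorized_keys.new \
        && [ -s /tmp/authorized_keys.new ]; then
    cat /tmp/authorized_keys.new > /etc/ssh/keys-root/authorized_keys
else
    echo "public-keys fetch failed; authorized_keys left unchanged" >&2
fi
rm -f /tmp/authorized_keys.new

# Disable challenge-response (keyboard-interactive) SSH logins
# NOTE(review): sshd keeps the first value it reads for a keyword, so this
# appended line only takes effect if the stock sshd_config does not already set
# ChallengeResponseAuthentication. PasswordAuthentication is not touched here.
# Confirm both on the target build.
echo 'ChallengeResponseAuthentication no' >> /etc/ssh/sshd_config

# Enable ssh
vim-cmd hostsvc/enable_ssh

# Ensure serial port is activated
esxcli system settings kernel set -s logPort -v none
esxcli system settings kernel set -s gdbPort -v none
esxcli system settings kernel set -s tty2Port -v com2

# Phone home to Packet for device activation
echo "Tinkerbell: 147.75.200.3" > /tmp/firstboot-packet.log
echo "UUID: $uuid" >> /tmp/firstboot-packet.log
# Double quotes so $uuid is expanded; in single quotes the literal text
# "$uuid" was sent as the instance id.
BODY="{\"instance_id\":\"$uuid\"}"
BODY_LEN=$( echo -n "${BODY}" | wc -c )
echo -ne "POST /phone-home HTTP/1.0\r\nHost: 147.75.200.3\r\nContent-Type: application/json\r\nContent-Length: ${BODY_LEN}\r\n\r\n${BODY}" | nc -i 3 147.75.200.3 80 > /tmp/firstboot-phone-home.log

reboot

%post --interpreter=busybox

esxcli system settings kernel set -s logPort -v none
esxcli system settings kernel set -s gdbPort -v none
esxcli system settings kernel set -s tty2Port -v com2

echo "nameserver 147.75.207.207" > /etc/resolv.conf
sleep 20

# Report the provisioning event to the same endpoint as %firstboot.
echo "Tinkerbell: 147.75.200.3" > /tmp/post-packet.log
BODY='{"type":"provisioning.109"}'
BODY_LEN=$( echo -n "${BODY}" | wc -c )
echo -ne "POST /phone-home HTTP/1.0\r\nHost: 147.75.200.3\r\nContent-Type: application/json\r\nContent-Length: ${BODY_LEN}\r\n\r\n${BODY}" | nc -i 3 147.75.200.3 80 > /tmp/post-phone-home.log

%pre --interpreter=busybox

# Save the installer's boot options to two files.
# Left unquoted as in the original: the value is word-split, so runs of
# whitespace are collapsed to single spaces in both files.
BOOTOPTIONS=$(/sbin/bootOption -o)
echo $BOOTOPTIONS > /cmdline-bootoption
echo $BOOTOPTIONS > /tmp/pre-bootoptions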